<?
session_start();

require("../../mysql.config.inc");
$mysqli = new mysqli($host,$username,$password,$db);  

if(isset($_POST['updateAlbumTitle']) && preg_match("|^[a-zA-Z0-9.,'\s]+$|", $_POST['updateAlbumTitle'])
	&& isset($_POST['updateAlbum'])){
	$albumTitle = "'".$_POST['updateAlbumTitle']."'";
	$updateAlbumAid = $_POST['updateAlbum'];
	$query = "UPDATE Albums SET Title = $albumTitle WHERE aid = $updateAlbumAid";
	$mysqli->query($query);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>A Photo Gallery</title>
	<link rel="stylesheet" type="text/css" href="../stylesheets/styles.css"/>
	<script type="text/javascript" src="../scripts/deleteAlbum.js"></script>
</head>

<body>

<div id="content">
	
	<div id="nav">
		<dl class="menu">
			<dd><a href="../index.php">Home</a></dd>
			<dd><a href="../albums.php">Albums</a></dd>
			<dd><a href="../photos.php">All Photos</a></dd>
			<dd class = "active"><a href="../admin.php">Administration</a></dd>
		</dl>
	</div>
	
	<h2>Administration: Update an Album</h2>
	
	<?if(!isset($_SESSION['logged_user'])){?>
	
		<div id="bodyText">
		You need to be Logged in to view this page, although it's curious how you got here in the first
		place.<br/>
		<a href="../admin.php">Log in</a>
		
	<?}else{?>
	
		<div id="bodyText">
		
		<form action="updateAlbum.php" method="post">
			<p>Select which album you would like to change:<br/>
			<?
			$albumList = $mysqli->query('SELECT* FROM Albums ORDER BY Title');
			
			while($dropList = $albumList->fetch_assoc()){
				print("<input type=\"radio\" name=\"updateAlbum\" value=\"".$dropList['aid']."\"/>".$dropList['Title']."<br/>\n");
			}
			?>
			
			Fill out the following information to change the album.<br/><br/>
		
			What is going to be the name of this album?:<br/>
			<input type="text" name="updateAlbumTitle"/><br/><br/>
			<input type="submit" id="submitUpdateAlbum" value="Update Album"/>
			</p>
		</form>
		
			Here is a current list of Albums for reference, and a link to what photos they have in them:<br/>
			<?
			$albumList = $mysqli->query('SELECT* FROM Albums ORDER BY Title');
			
			while($dropList = $albumList->fetch_assoc()){
				print("<a href=\"http://info230.cs.cornell.edu/users/aballantine/www/p3/albums.php?albumId=".$dropList['aid']."\"
				>".$dropList['Title']."</a><br/>");
			}
			?>
	
		<form action="../admin.php" method="post" name="logout">
			<p>
			<input type="hidden" name="logout"/>
			<input type="submit" value="Log Out"/>
			</p>
		</form>
		
	<?}
	$mysqli->close();
	?>
	</div>

</div>
</body>
</html>